Lucene search
+L

9 matches found

osv
osv
added 2026/04/08 8:11 p.m.4 views

CVE-2026-39416 Stored XSS in modal item preview for long item content in AIL Framework

AIL framework is an open-source platform to collect, crawl, process and analyse unstructured data. Prior to 6.8, a stored cross-site scripting XSS vulnerability was identified in the modal item preview functionality. When item content longer than 800 characters was processed, attacker-controlled...

8.5CVSS6AI score0.00219EPSS
Exploits0References4
redhatcve
redhatcve
added 2025/10/15 1:45 p.m.5 views

CVE-2025-41706

The webserver is vulnerable to a denial of service condition. An unauthenticated remote attacker can craft a special GET request with an over-long content-length to trigger the issue without affecting the core functionality...

5.3CVSS6.9AI score0.01735EPSS
Exploits0References1
nvd
nvd
added 2025/10/14 8:15 a.m.4 views

CVE-2025-41706

The webserver is vulnerable to a denial of service condition. An unauthenticated remote attacker can craft a special GET request with an over-long content-length to trigger the issue without affecting the core functionality...

5.3CVSS0.01735EPSS
Exploits0References2
osv
osv
added 2025/02/03 12:0 a.m.6 views

CVE-2025-25062

An XSS issue was discovered in Backdrop CMS 1.28.x before 1.28.5 and 1.29.x before 1.29.3. It doesn't sufficiently isolate long text content when the CKEditor 5 rich text editor is used. This allows a potential attacker to craft specialized HTML and JavaScript that may be executed when an...

4.4CVSS5.5AI score0.01659EPSS
Exploits3References5
susecve
susecve
added 2023/02/15 6:11 a.m.3 views

SUSE CVE-2007-4727

Buffer overflow in the fcgienvadd function in modproxybackendfastcgi.c in the modfastcgi extension in lighttpd before 1.4.18 allows remote attackers to overwrite arbitrary CGI variables and execute arbitrary code via an HTTP request with a long content length, as demonstrated by overwriting the...

6.8CVSS8.2AI score0.12895EPSS
Exploits1References4
redhat
redhat
added 2006/12/19 9:1 p.m.7 views

seamonkey < 1.0.7 multiple vulnerabilities

Multiple heap-based buffer overflows in Mozilla Thunderbird before 1.5.0.9 and SeaMonkey before 1.0.7 allow remote attackers to execute arbitrary code via 1 external message modies with long Content-Type headers or 2 long RFC2047-encoded MIME non-ASCII headers...

6.8CVSS6.4AI score0.04208EPSS
Exploits0References4
redhat
redhat
added 2005/06/23 7:19 p.m.4 views

security flaw

Apache SpamAssassin 3.0.1, 3.0.2, and 3.0.3 allows remote attackers to cause a denial of service CPU consumption and slowdown via a message with a long Content-Type header without any boundaries...

5CVSS5.9AI score0.08349EPSS
Exploits0References4
cvelist
cvelist
added 2005/06/22 4:0 a.m.22 views

CVE-2005-1266

Apache SpamAssassin 3.0.1, 3.0.2, and 3.0.3 allows remote attackers to cause a denial of service CPU consumption and slowdown via a message with a long Content-Type header without any boundaries...

8.9AI score0.08349EPSS
Exploits0References9
nvd
nvd
added 2004/08/24 4:0 a.m.9 views

CVE-2004-1752

Stack-based buffer overflow in Gaucho 1.4 Build 145 allows remote attackers to execute arbitrary code via a POP3 email with a long Content-Type header...

7.5CVSS8.1AI score0.06708EPSS
Exploits1References6
Rows per page
Query Builder